2

Every Sunday at 3 Apache restarts. The problem is: there is a certificate on the server with an encrypted private key. Since the password is not provided during the automatic restart, Apache stops and all my websites go down.

I want to stop Apache from restarting every week. How? Here is the Apache log at that time. Before `[notice] caught SIGTERM, shutting down` there's nothing relevant, if you are wondering...

```
[Sun Feb 15 03:37:12 2015] [notice] caught SIGTERM, shutting down
[Sun Feb 15 03:37:12 2015] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)

[Sun Feb 15 03:37:13 2015] [error] Init: Unable to read pass phrase [Hint: key introduced or changed before restart?]
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218640442 error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 67710980 error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Feb 15 03:37:13 2015] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Sun Feb 15 11:09:41 2015] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Feb 15 11:09:44 2015] [notice] Digest: generating secret for digest authentication ...
[Sun Feb 15 11:09:44 2015] [notice] Digest: done
[Sun Feb 15 11:09:44 2015] [notice] FastCGI: wrapper mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Feb 15 11:09:44 2015] [notice] FastCGI: process manager initialized (pid 11309)
[Sun Feb 15 11:09:44 2015] [notice] Apache/2.2.15 (Unix) mod_ssl/2.2.15 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 configured -- resuming normal operations
```

Additional info:

  • Cron Jobs: `/usr/sbin/raid-check`. This is the only cron job that runs on Sunday night (1AM), but if I run it manually nothing happens to Apache...
Alberto Fontana
  • How do you check what cron jobs run at a given time? – Sven Feb 15 '15 at 12:57
  • @Sven I have Webmin installed on port 1000, and logging in as root via browser I can check the Scheduled Cron Jobs. I opened each one of them and looked at what time they are scheduled. – Alberto Fontana Feb 15 '15 at 13:01

1 Answer

6

The probable cause is the postscript in the logrotate script. That's the script that runs after the log rotation. The file should be called /etc/logrotate.d/apache2 or /etc/logrotate.d/httpd (depending on distro) and look something like:

```
/var/log/httpd/*log {
    missingok
    notifempty
    sharedscripts
    postrotate
        /sbin/service httpd reload > /dev/null 2>/dev/null || true
    endscript
}
```

The relevant part is 'service httpd reload'. One way to solve it is to just remove the last 4 lines (from sharedscripts till endscript, including those two). Also, add the copytruncate option, so your logrotate script becomes:

```
/var/log/httpd/*log {
    copytruncate
    missingok
    notifempty
}
```

copytruncate will eliminate the need for an Apache restart because it copies the contents of the log file and then zeroes it, so the file descriptor remains the same and the Apache process won't notice any changes.

To test the logrotate, run:

```
logrotate -f /etc/logrotate.d/httpd
```

Also, consider setting up the private key without a password, because this is bad practice, and obviously you now see why :)

Jakov Sosic
  • Yes! I found that part and removed it. Actually the file is a little bit different... here it is, after removing the tricky part: `weekly rotate 52 compress delaycompress sharedscripts ` Can I leave all these commands and just put copytruncate? Or should I modify something else? – Alberto Fontana Feb 15 '15 at 13:11
  • I've edited my comment, you can remove sharedscripts also, and you can test the rotate yourself. – Jakov Sosic Feb 15 '15 at 13:17
  • It should be noted that `copytruncate` has a race condition, which can cause some lines from the log to be lost. – kasperd Feb 15 '15 at 15:55
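
The failure discussed in this thread can be checked for before the next rotation. The script below is an added example, not part of the original question or answers: it flags a logrotate file whose `postrotate` section reloads Apache while the key is pass-phrase protected, and also flags an unencrypted key that is readable beyond its owner. The function names, verdict labels and sample file names are hypothetical, and the key files are constructed placeholders, not real keys.

```shell
# 0 if the PEM key needs a pass phrase (traditional or PKCS#8 encrypted form).
key_is_encrypted() {
    grep -Eq '^Proc-Type: 4,ENCRYPTED|^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"
}
# 0 if group and other have no permission bits on the key file.
key_perms_tight() { [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]; }
# 0 if a postrotate...endscript section reloads or restarts Apache.
rotate_touches_httpd() {
    awk '/^[ \t]*postrotate/ {p = 1; next}
         /^[ \t]*endscript/  {p = 0}
         p && /httpd|apache2|apachectl/ && /reload|restart|graceful/ {hit = 1}
         END {exit !hit}' "$1"
}
# Prints one verdict for a logrotate file ($1) and the key Apache loads ($2).
audit() {
    if rotate_touches_httpd "$1" && key_is_encrypted "$2"; then
        echo "OUTAGE-RISK"   # unattended reload stops at the pass phrase prompt
    elif ! key_is_encrypted "$2" && ! key_perms_tight "$2"; then
        echo "KEY-EXPOSED"   # unencrypted key readable beyond its owner
    else
        echo "OK"
    fi
}
# Constructed samples: the two logrotate stanzas from the answer, and PEM
# headers with placeholder bodies (not real keys).
make_samples() {
    printf '%s\n' '/var/log/httpd/*log {' '    missingok' '    notifempty' \
        '    sharedscripts' '    postrotate' \
        '        /sbin/service httpd reload > /dev/null 2>/dev/null || true' \
        '    endscript' '}' > "$1/httpd.before"
    printf '%s\n' '/var/log/httpd/*log {' '    copytruncate' '    missingok' \
        '    notifempty' '}' > "$1/httpd.after"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: AES-128-CBC,PLACEHOLDER' '' 'PLACEHOLDER' \
        '-----END RSA PRIVATE KEY-----' > "$1/enc.key"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'PLACEHOLDER' \
        '-----END RSA PRIVATE KEY-----' > "$1/plain.key"
    chmod 600 "$1/enc.key"; chmod 644 "$1/plain.key"
}

d=$(mktemp -d) && make_samples "$d"
audit "$d/httpd.before" "$d/enc.key"     # the original setup from the question
audit "$d/httpd.after"  "$d/enc.key"     # after the copytruncate change
audit "$d/httpd.after"  "$d/plain.key"   # pass phrase removed, file left at mode 644
rm -rf "$d"
```

On a real host, pass the actual logrotate file and the path given by `SSLCertificateKeyFile` to `audit`.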